Overview Transition Mechanisms Are technologies to facilitate the transitioning of the Internet from its IPv4 infrastructure to IPv6. Well known mechanisms: •Dual-Stack •Tunneling •Translation (and it’s variances)
Types of nodesAs defined in RFC4213Type DefinitionIPv4-Only node A host or router that implements only IPv4. An IPv4-only node does not understand IPv6.IPv6/IPv4 node A host or router that implements both IPv4 and IPv6.IPv6-only node A host or router that implements only IPv6 and does not implement IPv4.IPv6 node Any host or router that implements IPv6. IPv6/IPv4 and IPv6-only nodes are both IPv6 nodes.IPv4 node Any host or router that implements IPv4. IPv6/IPv4 and IPv4-only nodes are both IPv4 nodes.
Dual-Stack Understanding Dual-Stack• Dual-stack nodes, as the name suggests, maintain two protocol stacks that operate in parallel and thus allow the end system or router to operate via either protocol.• In end systems, they enable both IPv4 and IPv6 capable applications to operate on the same node.• Dual-stack capabilities in routers allow handling of both IPv4 and IPv6 packet types.
Dual-Stack examples A & AAAA (Quad A) records MacOS IPv4/v6 settings
Tunneling Understanding Tunneling• For IPv6 transition, the IPv6 protocol data unit (PDU) is generally carried as the payload of an IPv4 packet.• Encapsulation of the payload protocol data unit is performed at the tunnel entrance (source), and decapsulation is performed at the tunnel exit point (destination).
Tunneling IPv6 in IPv4• IPv6 is encapsulated in IPv4 – Identified by ‘Protocol 41’• Many topologies possible – – Router to Router – Host to Router – Host to Host• The tunnel node endpoints takes care of the encapsulation. This process is “transparent” to the other nodes.
Tunneling Mechanisms• The following IPv6 tunneling techniques to be used over IPv4 networks.• IPv6 Manually Configured Tunnel• IPv6 over IPv4 GRE Tunnel• 6over4• Automatic IPv4-Compatible Tunnel• Automatic 6to4 Tunnel• Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) Tunnel• Teredo Tunnel• IPv6 Rapid Deployment (6rd)
Understanding Configured Tunneling Configured Tunnels must be configured manually.• These tunnels are used when using IPv6 addresses that do not have any embedded IPv4 information.• Tunnel endpoints are explicitly configured. The IPv6 and IPv4 addresses of the endpoints of the tunnel MUST be specified. – All IPv6 implementations support this• Tunnel endpoints must be dual stack nodes – The IPv4 address is the endpoint for the tunnel – Require a reachable IPv4 address (no NAT between the endpoints)
Understanding IPv6 over IPv4 GRE Tunnel• Uses the standard Generic Routing Encapsulation (GRE) tunneling technique.• As in manually configured tunnels, these tunnels are links between two points, with a separate tunnel for each link.• GRE tunnels are not tied to a specific passenger or transport protocol.• GRE tunnels are used between two points and require configuration of both the source and destination addresses of the tunnel.• The edge routers and end systems used as tunnel end points must be dual stack devices.
Understanding Automatic IPv4-Compatible Tunnel• Is an IPv6 over IPv4 tunnel mechanism which uses an IPv4-compatible IPv6 address. Example ::192.168.99.1• Can be configured between end systems, edge routers, or an edge router and an end system. But mainly been used to establish connection between routers.• Automatic IPv4-compatible tunnel technique constructs tunnels with remote nodes on the fly.• Tunnel source and destination are automatically determined by the IPv4 address.• The IPv4-compatible tunnel is largely replaced by the 6to4.• The use of IPv4-compatible tunnel as a transition mechanism is nearly deprecated.
Understanding Automatic 6to4 Tunnel• 6to4 tunnel treats the IPv4 infrastructure as a virtual non-broadcast link using an IPv4 address embedded in the IPv6 address to find the other end of the tunnel.• Each IPv6 domain requires a dual-stack router.• The key requirement is that each site has a 6to4 IPv6 address.• Each site, even if it has just one public IPv4 address, has a unique routing prefix in IPv6.
6to4 Relay Routers• 6to4 doesn’t provide connectivity to the global IPv6 Internet.• 6to4 Relay Routers (RR) provides such capabilities.• These RR are standard routers with both 6to4 and a normal IPv6 address.• RR provide a routing service between the native IPv6 domain and the 6to4 domain.
Understanding ISATAP• Intrasite Automatic Tunnel Addressing Protocol (ISATAP) is similar to 6to4 that enables incremental deployment of IPv6.• Allow hosts that are multiple IPv4 hops away from an IPv6 router to participate in the IPv6 network by automatically tunneling IPv6 packets over IPv4.• All ISATAP nodes are dual stacked.• ISATAP requires the first 64 bit of the address to be available. (known as the ISATAP prefix)• The 64-bit interface identifier is formed by concatenating 0000:5EFE and the IPv4 address of the dual-stack node (e.g. 192.168.99.1).
Understanding TEREDO• Teredo (also known as Shipworm) service is a tunnel mechanism that provides IPv6 connectivity to nodes located behind one or more IPv4 NATs.• Tunnels IPv6 packets over the User Datagram Protocol (UDP) through NAT devices.• Teredo service is defined for the case where the NAT device cannot be upgraded to offer native IPv6 routing or act as a 6to4 router/or other mechanisms.• The Teredo network consists of a set of Teredo clients, servers, and relays.• Teredo tunnels use Teredo servers and Teredo relays. • The Teredo servers are stateless and manage a small fraction of the traffic between Teredo clients • Teredo relays act as IPv6 routers between the Teredo service and the native IPv6 Internet
Teredo Addressing• The Teredo prefix is 2001::/32.• The Teredo server IPv4 address is the public IPv4 address.• The Flags field indicates the type of NAT used by the Teredo client.• The last two fields are the “obscured” mapped external IPv4 address and port of the Teredo client.
Teredo Architecture• Teredo client (TC): IPv4 node that wants access to the IPv6 Internet• Teredo server (TS): – assist in the address configuration of Teredo clients – facilitate the initial communication between Teredo clients and other Teredo clients or between Teredo clients and IPv6-only hosts• Teredo relay (TR): IPv6 router that can receive traffic from the IPv6 Internet to the Teredo client and forward it to the Teredo client interface.
E.g. Teredo Communication1. TC sends v6 echo request to 4. The TR will tunnel the echo TS.1 reply to the TC:2. TS relays the echo request to – cone NAT, the packet will be the IPv6-only host (6H). forwarded to the TC3. 6H sends an IPv6 echo reply – restricted cone NAT, this packet would be discarded, with the TC’s address as and additional procedures, destination. The IPv6 involving bubble packets infrastructure will route this 5. TC determines relay IPv4 packet to the nearest TR address from the received based on 2001::/32 routes. packet send packets to the 6H via the TR. 6. The TR extracts the IPv6 packet and forwards to the 1. TS are expected to relay these requests. 6H. Future communications can follow this same path.